Multivariate Statistical Analysis on Anomaly P2P Botnets Detection
Author: | Zul Azri Muhamad Noh, M. A. Faizal, Raihana Syahirah Binti Abdullah |
---|---|
Year of publication: | 2017 |
Subject: | Advanced persistent threat; General Computer Science; business.industry; Computer science; Anomaly (natural sciences); ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Botnet; 020206 networking & telecommunications; 02 engineering and technology; Computer security; computer.software_genre; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; 0202 electrical engineering, electronic engineering, information engineering; Malware; 020201 artificial intelligence & image processing; The Internet; Anomaly detection; business; computer; Host (network) |
Source: | International Journal of Advanced Computer Science and Applications. 8 |
ISSN: | 2156-5570 2158-107X |
DOI: | 10.14569/ijacsa.2017.081259 |
Description: | The botnet population is growing rapidly, and botnets have become a huge threat on the Internet. Botnets have been declared Advanced Malware (AM) and Advanced Persistent Threat (APT) listed attacks, which are able to manipulate advanced technology, where the intricacy of the threats calls for continuous detection and protection. These attacks will be almost exclusively for financial gain. P2P botnets act as bots that use P2P technology to accomplish certain tasks. The evolution of P2P technology has made P2P botnets more resilient and robust than centralized botnets. This poses a big challenge for detection and defences. In order to detect these botnets, a complete flow analysis is necessary. In this paper, we propose anomaly detection through chi-square multivariate statistical analysis, which currently focuses on time duration and time slot. This particular time is considered to identify the existence of a botserver. We foiled both the host level and the network level to make coordination within a P2P botnet and the malicious behaviour each bot exhibits for making detection decisions. The results of the statistical approach show high detection accuracy and low false positives, which make it one of the promising approaches to reveal a botserver. |
Database: | OpenAIRE |